---
page_title: "cloudflare_notification_policy Resource - Cloudflare"
subcategory: ""
description: |-
  Provides a resource, that manages a notification policy for
  Cloudflare's products. The delivery mechanisms supported are email,
  webhooks, and PagerDuty.
---

# cloudflare_notification_policy (Resource)

Provides a resource, that manages a notification policy for
Cloudflare's products. The delivery mechanisms supported are email,
webhooks, and PagerDuty.

## Example Usage

```terraform
resource "cloudflare_notification_policy" "example" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "Policy for SSL notification events"
  description = "Notification policy to alert when my SSL certificates are modified"
  enabled     = true
  alert_type  = "universal_ssl_event_type"

  email_integration {
    id = "myemail@example.com"
  }

  webhooks_integration {
    id = "1860572c5d964d27aa0f379d13645940"
  }

  pagerduty_integration {
    id = "850129d136459401860572c5d964d27k"
  }
}

### With Filters
resource "cloudflare_notification_policy" "example" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "Policy for Healthcheck notification"
  description = "Notification policy to alert on unhealthy Healthcheck status"
  enabled     = true
  alert_type  = "health_check_status_notification"

  email_integration {
    id = "myemail@example.com"
  }

  webhooks_integration {
    id = "1860572c5d964d27aa0f379d13645940"
  }

  pagerduty_integration {
    id = "850129d136459401860572c5d964d27k"
  }

  filters {
    health_check_id = ["699d98642c564d2e855e9661899b7252"]
    status          = ["Unhealthy"]
  }
}
```
<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `account_id` (String) The account identifier to target for the resource.
- `alert_type` (String) The event type that will trigger the dispatch of a notification. See the developer documentation for descriptions of [available alert types](https://developers.cloudflare.com/fundamentals/notifications/notification-available/). Available values: `advanced_http_alert_error`, `access_custom_certificate_expiration_type`, `advanced_ddos_attack_l4_alert`, `advanced_ddos_attack_l7_alert`, `bgp_hijack_notification`, `billing_usage_alert`, `block_notification_block_removed`, `block_notification_new_block`, `block_notification_review_rejected`, `brand_protection_alert`, `brand_protection_digest`, `clickhouse_alert_fw_anomaly`, `clickhouse_alert_fw_ent_anomaly`, `custom_ssl_certificate_event_type`, `dedicated_ssl_certificate_event_type`, `dos_attack_l4`, `dos_attack_l7`, `expiring_service_token_alert`, `failing_logpush_job_disabled_alert`, `fbm_auto_advertisement`, `fbm_dosd_attack`, `fbm_volumetric_attack`, `health_check_status_notification`, `hostname_aop_custom_certificate_expiration_type`, `http_alert_edge_error`, `http_alert_origin_error`, `incident_alert`, `load_balancing_health_alert`, `load_balancing_pool_enablement_alert`, `logo_match_alert`, `magic_tunnel_health_check_event`, `maintenance_event_notification`, `mtls_certificate_store_certificate_expiration_type`, `pages_event_alert`, `radar_notification`, `real_origin_monitoring`, `scriptmonitor_alert_new_code_change_detections`, `scriptmonitor_alert_new_hosts`, `scriptmonitor_alert_new_malicious_hosts`, `scriptmonitor_alert_new_malicious_scripts`, `scriptmonitor_alert_new_malicious_url`, `scriptmonitor_alert_new_max_length_resource_url`, `scriptmonitor_alert_new_resources`, `secondary_dns_all_primaries_failing`, `secondary_dns_primaries_failing`, `secondary_dns_zone_successfully_updated`, `secondary_dns_zone_validation_warning`, `sentinel_alert`, `stream_live_notifications`, `traffic_anomalies_alert`, `tunnel_health_event`, `tunnel_update_event`, `universal_ssl_event_type`, `web_analytics_metrics_update`, `weekly_account_overview`, `workers_alert`, `zone_aop_custom_certificate_expiration_type`.
- `enabled` (Boolean) The status of the notification policy.
- `name` (String) The name of the notification policy.

### Optional

- `description` (String) Description of the notification policy.
- `email_integration` (Block Set) The email ID to which the notification should be dispatched. (see [below for nested schema](#nestedblock--email_integration))
- `filters` (Block List, Max: 1) An optional nested block of filters that applies to the selected `alert_type`. A key-value map that specifies the type of filter and the values to match against (refer to the alert type block for available fields). (see [below for nested schema](#nestedblock--filters))
- `pagerduty_integration` (Block Set) The unique ID of a configured pagerduty endpoint to which the notification should be dispatched. (see [below for nested schema](#nestedblock--pagerduty_integration))
- `webhooks_integration` (Block Set) The unique ID of a configured webhooks endpoint to which the notification should be dispatched. (see [below for nested schema](#nestedblock--webhooks_integration))

### Read-Only

- `created` (String) When the notification policy was created.
- `id` (String) The ID of this resource.
- `modified` (String) When the notification policy was last modified.

<a id="nestedblock--email_integration"></a>
### Nested Schema for `email_integration`

Optional:

- `name` (String)

Read-Only:

- `id` (String) The ID of this resource.


<a id="nestedblock--filters"></a>
### Nested Schema for `filters`

Optional:

- `actions` (Set of String) Targeted actions for alert.
- `affected_components` (Set of String) Affected components for alert. Available values: `API`, `API Shield`, `Access`, `Always Online`, `Analytics`, `Apps Marketplace`, `Argo Smart Routing`, `Audit Logs`, `Authoritative DNS`, `Billing`, `Bot Management`, `Bring Your Own IP (BYOIP)`, `Browser Isolation`, `CDN Cache Purge`, `CDN/Cache`, `Cache Reserve`, `Challenge Platform`, `Cloud Access Security Broker (CASB)`, `Community Site`, `DNS Root Servers`, `DNS Updates`, `Dashboard`, `Data Loss Prevention (DLP)`, `Developer's Site`, `Digital Experience Monitoring (DEX)`, `Distributed Web Gateway`, `Durable Objects`, `Email Routing`, `Ethereum Gateway`, `Firewall`, `Gateway`, `Geo-Key Manager`, `Image Resizing`, `Images`, `Infrastructure`, `Lists`, `Load Balancing and Monitoring`, `Logs`, `Magic Firewall`, `Magic Transit`, `Magic WAN`, `Magic WAN Connector`, `Marketing Site`, `Mirage`, `Network`, `Notifications`, `Observatory`, `Page Shield`, `Pages`, `R2`, `Radar`, `Randomness Beacon`, `Recursive DNS`, `Registrar`, `Registration Data Access Protocol (RDAP)`, `SSL Certificate Provisioning`, `SSL for SaaS Provisioning`, `Security Center`, `Snippets`, `Spectrum`, `Speed Optimizations`, `Stream`, `Support Site`, `Time Services`, `Trace`, `Tunnel`, `Turnstile`, `WARP`, `Waiting Room`, `Web Analytics`, `Workers`, `Workers KV`, `Workers Preview`, `Zaraz`, `Zero Trust`, `Zero Trust Dashboard`, `Zone Versioning`.
- `alert_trigger_preferences` (Set of String) Alert trigger preferences. Example: `slo`.
- `enabled` (Set of String) State of the pool to alert on.
- `environment` (Set of String) Environment of pages. Available values: `ENVIRONMENT_PREVIEW`, `ENVIRONMENT_PRODUCTION`.
- `event` (Set of String) Pages event to alert. Available values: `EVENT_DEPLOYMENT_STARTED`, `EVENT_DEPLOYMENT_FAILED`, `EVENT_DEPLOYMENT_SUCCESS`.
- `event_source` (Set of String) Source configuration to alert on for pool or origin.
- `event_type` (Set of String) Stream event type to alert on.
- `group_by` (Set of String) Alert grouping.
- `health_check_id` (Set of String) Identifier health check. Required when using `filters.0.status`.
- `incident_impact` (Set of String) The incident impact level that will trigger the dispatch of a notification. Available values: `INCIDENT_IMPACT_NONE`, `INCIDENT_IMPACT_MINOR`, `INCIDENT_IMPACT_MAJOR`, `INCIDENT_IMPACT_CRITICAL`.
- `input_id` (Set of String) Stream input id to alert on.
- `limit` (Set of String) A numerical limit. Example: `100`.
- `megabits_per_second` (Set of String) Megabits per second threshold for dos alert.
- `new_health` (Set of String) Health status to alert on for pool or origin.
- `new_status` (Set of String) Tunnel health status to alert on.
- `packets_per_second` (Set of String) Packets per second threshold for dos alert.
- `pool_id` (Set of String) Load balancer pool identifier.
- `product` (Set of String) Product name. Available values: `worker_requests`, `worker_durable_objects_requests`, `worker_durable_objects_duration`, `worker_durable_objects_data_transfer`, `worker_durable_objects_stored_data`, `worker_durable_objects_storage_deletes`, `worker_durable_objects_storage_writes`, `worker_durable_objects_storage_reads`.
- `project_id` (Set of String) Identifier of pages project.
- `protocol` (Set of String) Protocol to alert on for dos.
- `requests_per_second` (Set of String) Requests per second threshold for dos alert.
- `selectors` (Set of String) Selectors for alert. Valid options depend on the alert type.
- `services` (Set of String)
- `slo` (Set of String) A numerical limit. Example: `99.9`.
- `status` (Set of String) Status to alert on.
- `target_hostname` (Set of String) Target host to alert on for dos.
- `target_zone_name` (Set of String) Target domain to alert on.
- `tunnel_id` (Set of String) Tunnel IDs to alert on.
- `where` (Set of String) Filter for alert.
- `zones` (Set of String) A list of zone identifiers.


<a id="nestedblock--pagerduty_integration"></a>
### Nested Schema for `pagerduty_integration`

Optional:

- `name` (String)

Read-Only:

- `id` (String) The ID of this resource.


<a id="nestedblock--webhooks_integration"></a>
### Nested Schema for `webhooks_integration`

Optional:

- `name` (String)

Read-Only:

- `id` (String) The ID of this resource.

## Import

Import is supported using the following syntax:

```shell
$ terraform import cloudflare_notification_policy.example <account_id>/<policy_id>
```
